CVE-2008-3869

2009-05-2621:30:00

CWE-119

flexera

web.nvd.nist.gov

cve-2008-3869

heap-based buffer overflow

sadmind

sun solaris

remote code execution

rpc

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.644

Percentile

97.9%

JSON

Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.

Affected configurations

Nvd

Node

sunsolarisMatch8.0sparc

sunsolarisMatch8.0x86

sunsolarisMatch9.0sparc

sunsolarisMatch9.0x86

VendorProductVersionCPE
sunsolaris8.0cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*
sunsolaris8.0cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
sunsolaris9.0cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
sunsolaris9.0cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*

Vendor	Product	Version	CPE
sun	solaris	8.0	cpe:2.3:o:sun:solaris:8.0::sparc:::::
sun	solaris	8.0	cpe:2.3:o:sun:solaris:8.0::x86:::::
sun	solaris	9.0	cpe:2.3:o:sun:solaris:9.0::sparc:::::
sun	solaris	9.0	cpe:2.3:o:sun:solaris:9.0::x86:::::